Privacy Policy

Last updated: March 2026

What data we collect

Email address — used for account login via magic link codes. Not shared with third parties.
Airport selections — your 1-2 chosen origin airports, used to personalize flight deals.
Session token — a random identifier stored in a cookie to keep you logged in.

We do not collect names, IP addresses, payment information, or tracking data.

Why we collect it

To provide personalized flight deal alerts from your selected airports. The session cookie is strictly functional — it keeps you logged in. We do not use analytics or advertising cookies.

How long we keep it

Login codes: deleted after 1 hour
Sessions: expire after 30 days
Accounts inactive for 365 days: automatically deleted

Your rights

Export your data: Account menu or GET /api/auth/export
Delete your account and all data: Account menu or DELETE /api/auth/account
Access what we store: only email + airport codes + timestamps

Cookies

We use a single functional cookie (grabbo_session) to maintain your login session. No tracking or advertising cookies are used.

Contact

Questions about your data? Open an issue on our repository or email the address in the footer.